Create Databricks IAM policy in AWS
Learn how to create an Identity and Access Management (IAM) policy in your AWS account for Databricks.
- Log in to the AWS Management Console.
- In the search field, search for iam.
- In the drop-down list of items, hover over IAM and select Policies.
- In the Policies page, select Create Policy.
- In the Create policy page, provide the permissions for the policy.
  - Service: Select the STS service.
  - Actions: In the Write access level, select AssumeRole.
  - Resources: Select Add ARN and add the bucket's account ID and role name from Create buckets IAM role with an external ID in AWS.
- Select Add.
- Select Next: Tags.
- Select Next: Review.
- In the Review Policy page, provide the policy details.
  - Name: Enter a policy name. For example: pm-doc-assume.
  - Description: Enter a description for the policy.
- Select Create Policy. For more information, see the topic Creating IAM policies.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "sts:AssumeRole"
      ],
      "Resource": [
        "arn:aws:iam::BUCKET_AWS_ACCOUNT_ID:role/rolename"
      ]
    }
  ]
}